Network Monitoring
In most multiaccess networks, it is trivially easy for a host to set
its network interface into "promiscuous mode", and copy all data
frames which pass across the network.
This is called eavesdropping or (in some circles)
packet snarfing.
Once the host has copies of all the frames it desires, it can then
analyse them to discover the data they contain.
Most data transfers across the Internet are not encoded (or
encrypted) in any way Ð the data is simply sent as
plain text. Thus
it is simple to observe messages transmitted by others. This is the
origin of the (oft repeated, and generally true) assertion that
"The
Internet is insecure".
An area where this insecurity can present a serious
problem is
password authentication. At Bendigo, students can use the
TELNET
protocol to connect to the various Unix systems. The password which
is typed by the student is transmitted across the LAN as plain text,
and can be observed by any other student using freely available PC
software. You need to always be aware of this!
Encryption
Encryption - changing message contents to be unintelligible,
requires decryption at receiver
Encryption security based on:
- encryption algorithm - must be complex enough to make it
impractical to decrypt
- secrecy of key(s) - most important
- open encryption Ð publicly described
- closed encryption Ð private vendors, classified products of
security agencies
Single key encryption
- key applied to plaintext to produce ciphertext. The
algorithm by which the key is applied is critical element.
- key applied to ciphertext to produce original text at receiver -
most systems use same algorithm as encryption, applied "in reverse".
The key is the fundamental factor in the success of this system:
- secrecy of key is principle problem
- Also: key distribution schemes
- Trusted brokers, etc
Single Key Systems - Vernam Cipher
- The very best encryption technique
- message represented as a string of bits
- key (random sequence of bits) applied to text (key is as long as
text)
- re apply same key to ciphertext to produce original text
- practically impossible to recover original text without key
- Hard to implement in practice.
- Some one-time systems are used: see the skey utility,
soon to be installed on our Unix systems.
Data Encryption Standard (DES)
- data encrypted into 64 bits blocks using 56 bit key
- ÒtheoreticallyÓ impossible to crack...
three inputs / one output:
- input block of text (64 bit)
- 64 bit key (56 bit key + 8 bit parity)
- switch (encrypt / decrypt)
- output block of text (64 bit)
Several modes of operation. Very complex, but now
universally used
in commerce.
Clipper
- "Big Brother is watching..."
- "It is a closed system that gives up all pretense of allowing
the
private sector to keep information private from the government"
Stallings & Van Slyke 1994:599
- Clipper chip is hardware encryption device based on the
skipjack
encryption algorithm, regarded as very strong. It has been mandated
for use in the US, eventually replacing DES.
- Chip users (manufactuers?) register key with government: key
escrow. The key is split into two halves, which are stored
independently with different government agencies.
- Court-approved "wiretap" (ie, decryption) operations require
both
halves of the key to access any data transmissions. In addition, a
released key can be coded so that it only works for a limited time
period.
Difficulties:
- Privacy concerns
- some doubt about whether snooping decryption could be avoided by
clever users.
Public Key Systems
- "public" key to encrypt + private key to decrypt
- each node/station generates a key pair
- each node / station publishes their public key and secures their
private key
- Node A sends to node B, encrypts message using node B's public
key
- Node B decrypts message using its private key
- algorithms are extremely complex
- problems of authentication of public keys, compromised keys,
bogus & out of date keys
- See question 4 of assignment 3 if you wish to pursue this in
more detail...
Encryption Management
Location of Encryption Devices
- link encryption Ð one encryption device per link, problem in
packet switched network
Key distribution
- manual delivery
- transmit new key using old key
- end to end encryption
Traffic Padding
- monitoring traffic is a problem, hacker can spot volume & make
assumptions
- traffic padding produces meaningless ciphertext in the absence
of
message text - a continuous stream of data is generated for the
entire duration of each transmission
Encryption Applications
Message Authentication Code
- Data to be sent, together with a secret key, are used to generate
a message authentication code
- Data plus code are transmitted to recipient
- Recipient performs same operation, using secret key. If the code
produced matches, message is authenticated.
- Can use non-reversible encypherment (eg, Unix /etc/passwd
encryption)
Digital Signatures
- Message authentication protects message from interference by a
third part, but does not guarantee shource fo the message.
- Use public key system to guarantee that message is, in fact, from
the person who claims to have sent it.
This lecture is also available in PostScript format.
The tutorial for this lecture is Tutorial #18.
Phil Scott